REMARKS 

Applicants respectfully traverse and request reconsideration. 

Applicants wish to thank the Examiner for the notice that claims 27-31 have been 
allowed. 

Applicants respectfully cancel claims 1-5 with traverse and without prejudice. 

Remaining claims 6, 7, 17 and 18 stand rejected under 35 U.S.C. § 102(b) as allegedly 
being anticipated by U.S. Patent No. 5,875,296 (Shi). Shi is directed to a distributed file 
system web server user authentication system that employs cookies that are sent back to a 
user terminal. Applicants respectfully note that independent claims 6 and 17 require, among 
other things, using the user identification data sent by the first unit to determine which 
destination unit, other than the first unit, will receive an authentication code to be used to 
authenticate the user . The process also includes sending the authentication code to the 
determined destination unit based on user identification data, receiving a retumed 
authentication code back after sending the authentication code to the determined destination 
unit and authenticating the user, based on the retumed authentication code when the retumed 
authentication code matches the sent authentication code . Applicants respectfully note that 
the cited portions of Shi do not address Applicants' claim language. For example, the office 
action does not indicate how Shi discloses using the user identification data that has been 
received by an authentication unit, and sent by the first unit, to determine which destination 
unit, other than the first unit , receives an authentication code to be used to authenticate the 
user. As admitted in the office action, Shi teaches, to the extent applicable, that the alleged 
authentication code (created unique ID) is provided to the "user terminal" or client terminal. 
The claims require a different operation since the user identification data sent by the first unit 
is used to determine which destination unit, other than the first unit will receive an 
authentication code. No such operation is described in Shi. 
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Moreover, other limitations are not met. For example, the claim requires sending the 
authentication code to the determined destination unit based on the user ID data and receiving 
a retumed authentication code back after sending the authentication code. Again, the cited 
portions of column 6 and column 8 do not refer to sending an authentication code to a 
determined destination unit that is other than the first unit since the office action indicates 
that the unique ID is sent back to the client browser which is then provided to the session 
manager 27 which is alleged to be the authentication unit. There is no sending of the 
authentication code to the determined destination unit other than the first unit described in the 
cited portions. As such, the claim is in condition for allowance. In addition, Shi attempts to 
authenticate a client unit in a different manner from that claimed. For example, the claims 
also require that authentication of the user is based on the retumed authentication code that is 
retumed back from the determined destination unit and the authentication is granted when the 
retumed authentication code matches the sent authentication code. No such communication 
of authentication codes is taught in the cited references. As such. Applicants respectfully 
submit that the claim is in condition for allowance for one or more of the above reasons. 

The dependent claims add additional novel and non-obvious subject matter. 

Remaining claims 8 and 19 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Shi in view of U.S. Patent No. 6,052,725 (McCann). However, claim 8 
requires that the maintenance of per-user destination unit data includes at least one 
destination unit identifier per user wherein the user ID data is used to determine which 
destination unit, other than the first unit, will receive the authentication code includes sending 
the authentication code to the determined destination unit based on the stored per-user 
destination unit identifier. The office action admits that Shi does not disclose this operation 
since Shi transmits a generated unique ID back to the same client (first unit). The claim 
requires otherwise. Also, it is admitted that McCann does not disclose this either since it 
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indicates that McCann discloses obtaining and storing the IP address of a client for the 
duration of the communication. Therefore the claims are in condition for allowance. 

It is also alleged that the reason one would combine McCann with Shi is that it would 
provide "reduced response time as taught by McCann". However, Applicants' claim is 
directed to utilizing a destination unit other than a first unit, as a mechanism to facilitate 
authentication. Neither reference alone or in combination contemplates such an operation. If 
the rejection is maintained, Applicants respectfully request a showing as to how the alleged 
motivation is relevant to the claimed subject matter and further request an identification as to 
what corresponds to the claimed destination unit other than the first unit in either the Shi 
reference or the McCann reference. 

Remaining claims 9-20 stand rejected under 35 U.S.C. § 103(a) as being unpatentable 
over Shi in view of Schneier. Applicants respectfully note that these claims are allowable at 
least as depending upon allowable base claims. 

Claims 10, 11, 13, 16, 21, 22 and 24 stand rejected under 35 U.S.C. §103(a) as being 
unpatentable over Shi in view of U.S. Patent No. 7,218,630 (Rahman). It is alleged that the 
Shi reference teaches all of the limitations of claim 10 except Shi does not specify that the 
communication environment is wireless. Applicants respectfully submit that this 
characterization of the claims is improper since there is specific wireless communication and 
specific channels and data that are required in the claim to facilitate operation. The office 
action does not address specific claim language and as such, the rejection is improper. For 
example, the method requires a primary wireless channel, a wireless back channel, and 
sending specific authentication code information and other information on specific channels. 
Among other advantages, differing levels of authentication may be carried out and an 
altemate channel may be used during a session to provide authentication information in 
addition to user ID and/or password to provide multi-factor authentication. (See for example. 



CHICAGO/#1717112.1 



12 



Specification, page 17 and elsewhere). Since claim language has not been addressed and 
since the cited portions do not teach the claimed subject matter, Applicants respectfully 
submit that the claims are in condition for allowance. 

Moreover, the Shi reference does not contemplate back channel use nor retuming 
authentication codes as described. The office action also does not indicate what corresponds 
to primary authentication information which is used to determine which destination unit will 
receive an authentication code as secondary authentication information via a wireless back 
channel to be used to authenticate the user. Instead, the office action states that an 
authentication code as claimed corresponds to the unique ID created in Shi as taught in 
column 8, lines 55-58. However, this information is not sent on a wireless back channel to a 
destination unit nor is it retumed on the primary wireless channel (which is a different 
channel than the back channel), to the authentication unit during the same session. 
Accordingly, Applicants respectfully submit that the claims are in condition for allowance. 

Rahman is directed to a data session setup system for a wireless network and deals 
with a completely different problem than that faced by Applicants or Shi. As stated in 
Rahman, Rahman is directed to dealing with utilizing a packet switched link and a circuit 
switched link between a wireless unit and a base station. By using a circuit switched link to 
send data session setup packets, the Rahman system attempts to avoid the delay associated 
with requesting and being allocated wireless resources and sending the setup packets using 
the packet switched link. Combining Rahman with that of Shi would simply result in a 
system of Shi which sent information back to the web browser apparently via a wireless 
network that employed the circuit versus packet session setup data as described in Rahman. 
Neither reference alone or in combination contemplates the claimed subject matter and as 
such. Applicants respectfully submit that the claims are in condition for allowance. 

The dependent claims add additional novel and non-obvious subject matter. 
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Accordingly, Applicants respectfully request that a timely Notice of Allowance be 
issued in this case. The Examiner is invited to contact the below-listed attorney if the 
Examiner believes that a telephone conference will advance the prosecution of this 
application. 

Respectfully submitted, 



Date: November 19. 2007 Bv: /Christopher J. Reckamp/ 

Christopher J. Reckamp 
Registration No. 34,414 

Vedder, Price, Kauftnan & Kammholz, P.C. 
222 N. LaSalle Street 
Chicago, Illinois 60601 
PHONE: (312)609-7599 
FAX: (312)609-5005 
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